/*
 * Copyright (c) 2020 Apple Inc. All Rights Reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 *
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 *
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 *
 * @APPLE_LICENSE_HEADER_END@
 */

/* C interfaces to Foundation XPC utilities */
#ifndef _UTILITIES_SECXPCUTILS_H_
#define _UTILITIES_SECXPCUTILS_H_

#include <CoreFoundation/CoreFoundation.h>
#include <xpc/xpc.h>

#ifdef __cplusplus
extern "C" {
#endif

CF_ASSUME_NONNULL_BEGIN

/* SecXPCClientCanEditPreferenceOwnership identifies whether the calling
   process has a keychain-access-groups entitlement of "*", which provides
   a hint to the caller that its role is one which edits item ownership.
   This hint is advisory only and is not used to grant access.
*/
Boolean SecXPCClientCanEditPreferenceOwnership(void);

/* SecXPCCopyClientApplicationIdentifier is designed only to return a
   string which identifies the calling application. In the case where
   there is no current XPC connection, the check is performed in-process.
   As such, this identifier is advisory only and should not be used as
   a security boundary.
*/
CFStringRef SecXPCCopyClientApplicationIdentifier(void);

CF_ASSUME_NONNULL_END

#ifdef __cplusplus
}
#endif

#endif /* _UTILITIES_SECXPCUTILS_H_ */
